Gnutella remailers

[Declan McCullagh]

On Mon, Sep 03, 2001 at 10:42:19PM -0700, Steve Schear wrote:
> I believe Ian Goldberg came up with a rather elegant solution: allow the 
> the clients to only function as entry and middlemen remailers and use 
> throwaway accounts at hotmail or similar fall guys as the exit points.

Maybe, but it's vulnerable to a few things, I'd wager, if you're talking
about writing a client that would log in to a web-based mail service
and then send mail from within it:

* Automated monitoring by Hotmail/Yahoo/Lycos Mail/etc. If an account
usually sends 10 messages/day, look for spikes in traffic two standard
deviations above the mean and temporarily block access to that account.
Or require human intervention to re-enable that account.

* Anti-spam monitoring, similar to the above. What a remailer (who
logs into the service and and sends mail from within it, rather than
forging the From: line) would do is what a lot of spammers would like
to do too.

* Contractual arrangements by the web-based mail operator that could,
theoretically, make the remailer operator liable in some cases.

Sorry to be such a downer today, but that doesn't seem like a wonderful
solution -- at least after web-based mail services realize what you're
doing and employ suitable technological/legal countermeasures. Perhaps
an automated registration process might work,using a large number of
accounts and automatically creating them as needed and discarding them
when necessary. Though to escape (theoretical, in my hypothetical)
legal liability, the initial setup and message-dumping would have to be
done anonymously, raising the cost and hassle factor.

-Declan